safeCheck = FALSE; $dsql->SetLongLink(); $cfg_admin_skin = 1; // 后台管理风格 //if(file_exists(DEDEDATA.'/admin/skin.txt')) //{ // $skin = file_get_contents(DEDEDATA.'/admin/skin.txt'); // $cfg_admin_skin = !in_array($skin, array(1,2,3,4))? 1 : $skin; //} //获得当前脚本名称,如果你的系统被禁用了$_SERVER变量,请自行更改这个选项 $dedeNowurl = $s_scriptName = ''; $isUrlOpen = @ini_get('allow_url_fopen'); $dedeNowurl = GetCurUrl(); $dedeNowurls = explode('?', $dedeNowurl); $s_scriptName = $dedeNowurls[0]; $cfg_remote_site = empty($cfg_remote_site)? 'N' : $cfg_remote_site; //检验用户登录状态 $cuserLogin = new userLogin(); //增加校验 $cuserLogin->checkUser($userid,$pwd); if($cuserLogin->getUserID()==-1) { //header("location:login.php?gotopage=".urlencode($dedeNowurl)); echo("[err]Invalid username or password[/err]"); exit(); } function XSSClean($val) { if (is_array($val)) { while (list($key) = each($val)) { if(in_array($key,array('tags','body','dede_fields','dede_addonfields','dopost','introduce'))) continue; $val[$key] = XSSClean($val[$key]); } return $val; } return RemoveXss($val); } if($cfg_dede_log=='Y') { $s_nologfile = '_main|_list'; $s_needlogfile = 'sys_|file_'; $s_method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : ''; $s_query = isset($dedeNowurls[1]) ? $dedeNowurls[1] : ''; $s_scriptNames = explode('/', $s_scriptName); $s_scriptNames = $s_scriptNames[count($s_scriptNames)-1]; $s_userip = GetIP(); if( $s_method=='POST' || (!preg_match("#".$s_nologfile."#i", $s_scriptNames) && $s_query!='') || preg_match("#".$s_needlogfile."#i",$s_scriptNames) ) { $inquery = "INSERT INTO `#@__log`(adminid,filename,method,query,cip,dtime) VALUES ('".$cuserLogin->getUserID()."','{$s_scriptNames}','{$s_method}','".addslashes($s_query)."','{$s_userip}','".time()."');"; $dsql->ExecuteNoneQuery($inquery); } } //启用远程站点则创建FTP类 if($cfg_remote_site=='Y') { require_once(DEDEINC.'/ftp.class.php'); if(file_exists(DEDEDATA."/cache/inc_remote_config.php")) { require_once DEDEDATA."/cache/inc_remote_config.php"; } if(empty($remoteuploads)) $remoteuploads = 0; if(empty($remoteupUrl)) $remoteupUrl = ''; $config = array( 'hostname' => $GLOBALS['cfg_ftp_host'], 'username' => $GLOBALS['cfg_ftp_user'], 'password' => $GLOBALS['cfg_ftp_pwd'], 'debug' => 'TRUE' ); $ftp = new FTP($config); //初始化FTP配置 if($remoteuploads==1){ $ftpconfig = array( 'hostname'=>$rmhost, 'port'=>$rmport, 'username'=>$rmname, 'password'=>$rmpwd ); } } //管理缓存、管理员频道缓存 $cache1 = DEDEDATA.'/cache/inc_catalog_base.inc'; if(!file_exists($cache1)) UpDateCatCache(); $cacheFile = DEDEDATA.'/cache/admincat_'.$cuserLogin->userID.'.inc'; if(file_exists($cacheFile)) require_once($cacheFile); //更新服务器 require_once (DEDEDATA.'/admin/config_update.php'); //if(strlen($cfg_cookie_encode)<=10) //{ // $chars='abcdefghigklmnopqrstuvwxwyABCDEFGHIGKLMNOPQRSTUVWXWY0123456789'; // $hash=''; // $length = rand(28,32); // $max = strlen($chars) - 1; // for($i = 0; $i < $length; $i++) { // $hash .= $chars[mt_rand(0, $max)]; // } // $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='{$hash}' WHERE varname='cfg_cookie_encode' "); // $configfile = DEDEDATA.'/config.cache.inc.php'; // if(!is_writeable($configfile)) // { // echo "配置文件'{$configfile}'不支持写入,无法修改系统配置参数!"; // exit(); // } // $fp = fopen($configfile,'w'); // flock($fp,3); // fwrite($fp,"<"."?php\r\n"); // $dsql->SetQuery("SELECT `varname`,`type`,`value`,`groupid` FROM `#@__sysconfig` ORDER BY aid ASC "); // $dsql->Execute(); // while($row = $dsql->GetArray()) // { // if($row['type']=='number') // { // if($row['value']=='') $row['value'] = 0; // fwrite($fp,"\${$row['varname']} = ".$row['value'].";\r\n"); // } // else // { // fwrite($fp,"\${$row['varname']} = '".str_replace("'",'',$row['value'])."';\r\n"); // } // } // fwrite($fp,"?".">"); // fclose($fp); //} /** * 更新栏目缓存 * * @access public * @return void */ function UpDateCatCache() { global $dsql, $cfg_multi_site, $cache1, $cacheFile, $cuserLogin; $cache2 = DEDEDATA.'/cache/channelsonlist.inc'; $cache3 = DEDEDATA.'/cache/channeltoplist.inc'; $dsql->SetQuery("SELECT id,reid,channeltype,issend,typename FROM `#@__arctype`"); $dsql->Execute(); $fp1 = fopen($cache1,'w'); $phph = '?'; $fp1Header = "<{$phph}php\r\nglobal \$cfg_Cs;\r\n\$cfg_Cs=array();\r\n"; fwrite($fp1,$fp1Header); while($row=$dsql->GetObject()) { // 将typename缓存起来 $row->typename = base64_encode($row->typename); fwrite($fp1,"\$cfg_Cs[{$row->id}]=array({$row->reid},{$row->channeltype},{$row->issend},'{$row->typename}');\r\n"); } fwrite($fp1, "{$phph}>"); fclose($fp1); $cuserLogin->ReWriteAdminChannel(); @unlink($cache2); @unlink($cache3); } // 清空选项缓存 function ClearOptCache() { $tplCache = DEDEDATA.'/tplcache/'; $fileArray = glob($tplCache."inc_option_*.inc"); if (count($fileArray) > 1) { foreach ($fileArray as $key => $value) { if (file_exists($value)) unlink($value); else continue; } return TRUE; } return FALSE; } /** * 更新会员模型缓存 * * @access public * @return void */ function UpDateMemberModCache() { global $dsql; $cachefile = DEDEDATA.'/cache/member_model.inc'; $dsql->SetQuery("SELECT * FROM `#@__member_model` WHERE state='1'"); $dsql->Execute(); $fp1 = fopen($cachefile,'w'); $phph = '?'; $fp1Header = "<{$phph}php\r\nglobal \$_MemberMod;\r\n\$_MemberMod=array();\r\n"; fwrite($fp1,$fp1Header); while($row=$dsql->GetObject()) { fwrite($fp1,"\$_MemberMod[{$row->id}]=array('{$row->name}','{$row->table}');\r\n"); } fwrite($fp1,"{$phph}>"); fclose($fp1); } /** * 引入模板文件 * * @access public * @param string $filename 文件名称 * @param bool $isabs 是否为管理目录 * @return string */ function DedeInclude($filename, $isabs=FALSE) { return $isabs ? $filename : DEDEADMIN.'/'.$filename; } /** * 获取当前用户的ftp站点 * * @access public * @param string $current 当前站点 * @param string $formname 表单名称 * @return string */ function GetFtp($current='', $formname='') { global $dsql; $formname = empty($formname)? 'serviterm' : $formname; $cuserLogin = new userLogin(); $row=$dsql->GetOne("SELECT servinfo FROM `#@__multiserv_config`"); $row['servinfo']=trim($row['servinfo']); if(!empty($row['servinfo'])){ $servinfos = explode("\n", $row['servinfo']); $select=""; echo '"; } } helper('cache'); /** * 根据用户mid获取用户名称 * * @access public * @param int $mid 用户ID * @return string */ if(!function_exists('GetMemberName')){ function GetMemberName($mid=0) { global $dsql; $rs = GetCache('memberlogin', $mid); if( empty($rs) ) { $rs = $dsql->GetOne("SELECT * FROM `#@__member` WHERE mid='{$mid}' "); SetCache('memberlogin', $mid, $rs, 1800); } return $rs['uname']; } } //config.php结束 CheckPurview('a_New,a_AccNew'); require_once(DEDEINC.'/customfields.func.php'); require_once(DEDEADMIN.'/inc/inc_archives_functions.php'); //if(empty($dopost)) $dopost = ''; $dopost = 'save'; empty($channelid) && $channelid=1; /* if($dopost!='save') { require_once(DEDEINC."/dedetag.class.php"); require_once(DEDEADMIN."/inc/inc_catalog_options.php"); ClearMyAddon(); $channelid = empty($channelid) ? 0 : intval($channelid); $cid = empty($cid) ? 0 : intval($cid); if(empty($geturl)) $geturl = ''; $keywords = $writer = $source = $body = $description = $title = ''; //采集单个网页 if(preg_match("#^http:\/\/#", $geturl)) { require_once(DEDEADMIN."/inc/inc_coonepage.php"); $redatas = CoOnePage($geturl); extract($redatas); } //获得频道模型ID if($cid>0 && $channelid==0) { $row = $dsql->GetOne("Select channeltype From `#@__arctype` where id='$cid'; "); $channelid = $row['channeltype']; } else { if($channelid==0) { $channelid = 1; } } //获得频道模型信息 $cInfos = $dsql->GetOne(" Select * From `#@__channeltype` where id='$channelid' "); //获取文章最大id以确定当前权重 $maxWright = $dsql->GetOne("SELECT COUNT(*) AS cc FROM #@__archives"); include DedeInclude("templets/article_add.htm"); exit(); } */ /*-------------------------------- function __save(){ } -------------------------------*/ //else if($dopost=='save') //{ require_once(DEDEINC.'/image.func.php'); require_once(DEDEINC.'/oxwindow.class.php'); $flag = isset($flags) ? join(',',$flags) : ''; $notpost = isset($notpost) && $notpost == 1 ? 1: 0; if(empty($typeid2)) $typeid2 = ''; if(!isset($autokey)) $autokey = 0; if(!isset($remote)) $remote = 0; if(!isset($dellink)) $dellink = 0; if(!isset($autolitpic)) $autolitpic = 0; if(empty($click)){ $click = ($cfg_arc_click=='-1' ? mt_rand(50, 200) : $cfg_arc_click); }else{ $click =mt_rand(10, $click); } if(empty($typeid) || !is_numeric($typeid)) { //ShowMsg("请指定文档的栏目!","-1"); echo("[err]请指定文档的栏目![/err]"); exit(); } // if(empty($channelid)) // { // ShowMsg("文档为非指定的类型,请检查你发布内容的表单是否合法!","-1"); // exit(); // } if(!CheckChannel($typeid,$channelid)) { // ShowMsg("你所选择的栏目与当前模型不相符,请选择白色的选项!","-1"); echo("[err]你所选择的栏目与当前模型不相符![/err]"); exit(); } // if(!TestPurview('a_New')) // { // CheckCatalog($typeid,"对不起,你没有操作栏目 {$typeid} 的权限!"); // } function zzhtmlspecialchars($str) { if (version_compare(PHP_VERSION, '5.4.0') >= 0) { return htmlspecialchars($str,ENT_COMPAT,'ISO-8859-1'); } else{ return htmlspecialchars($str); } } //对保存的内容进行处理 if(empty($writer))$writer=$cuserLogin->getUserName(); if ($writer==-1)$writer='匿名'; if(empty($source))$source='未知'; if(empty($sortup))$sortup=0; //增加 if(empty($pubdate))$pubdate=time(); //增加 $pubdate = GetMkTime($pubdate); $senddate = time(); $sortrank = AddDay($pubdate,$sortup); $ismake = $ishtml==0 ? -1 : 0; $title = preg_replace("#\"#", '"', $title); $title = zzhtmlspecialchars(cn_substrR($title,$cfg_title_maxlen)); $shorttitle = cn_substrR($shorttitle,36); $color = cn_substrR($color,7); $writer = cn_substrR($writer,20); $source = cn_substrR($source,30); $description = cn_substrR($description,$cfg_auot_description); $keywords = cn_substrR($keywords,60); $filename = trim(cn_substrR($filename,40)); $userip = GetIP(); $isremote = (empty($isremote)? 0 : $isremote); $voteid = (empty($voteid)? 0 : $voteid); $serviterm=empty($serviterm)? "" : $serviterm; /* if(!TestPurview('a_Check,a_AccCheck,a_MyCheck')) { $arcrank = -1; }*/ $adminid = $cuserLogin->getUserID(); //处理上传的缩略图 if(empty($ddisremote)) { $ddisremote = 0; } $litpic = GetDDImage('none', $picname, $ddisremote); //生成文档ID $arcID = GetIndexKey($arcrank,$typeid,$sortrank,$channelid,$senddate,$adminid); if(empty($arcID)) { // ShowMsg("无法获得主键,因此无法进行后续操作!","-1"); echo("[err]无法获得主键,因此无法进行后续操作![/err]"); exit(); } if(trim($title) == '') { // ShowMsg('标题不能为空', '-1'); echo('[err]标题不能为空![/err]'); exit(); } //处理body字段自动摘要、自动提取缩略图等 $body = AnalyseHtmlBody($body,$description,$litpic,$keywords,'htmltext'); //自动分页 if($sptype=='auto') { $body = SpLongBody($body,$spsize*1024,"#p#分页标题#e#"); } //分析处理附加表数据 $inadd_f = $inadd_v = ''; if(!empty($dede_addonfields)) { $addonfields = explode(';',$dede_addonfields); if(is_array($addonfields)) { foreach($addonfields as $v) { if($v=='') continue; $vs = explode(',',$v); if($vs[1]=='htmltext'||$vs[1]=='textdata') { ${$vs[0]} = AnalyseHtmlBody(${$vs[0]},$description,$litpic,$keywords,$vs[1]); } else { if(!isset(${$vs[0]})) ${$vs[0]} = ''; ${$vs[0]} = GetFieldValueA(${$vs[0]},$vs[1],$arcID); } $inadd_f .= ','.$vs[0]; $inadd_v .= " ,'".${$vs[0]}."' "; } } } //处理图片文档的自定义属性 if($litpic!='' && !preg_match("#p#", $flag)) { $flag = ($flag=='' ? 'p' : $flag.',p'); } if($redirecturl!='' && !preg_match("#j#", $flag)) { $flag = ($flag=='' ? 'j' : $flag.',j'); } //跳转网址的文档强制为动态 if(preg_match("#j#", $flag)) $ismake = -1; //防止KEYWORDS语法错误 zzcity add $keywords=addslashes($keywords); //保存到主表 $query = "INSERT INTO `#@__archives`(id,typeid,typeid2,sortrank,flag,ismake,channel,arcrank,click,money,title,shorttitle, color,writer,source,litpic,pubdate,senddate,mid,voteid,notpost,description,keywords,filename,dutyadmin,weight) VALUES ('$arcID','$typeid','$typeid2','$sortrank','$flag','$ismake','$channelid','$arcrank','$click','$money', '$title','$shorttitle','$color','$writer','$source','$litpic','$pubdate','$senddate', '$adminid','$voteid','$notpost','$description','$keywords','$filename','$adminid','$weight');"; if(!$dsql->ExecuteNoneQuery($query)) { $gerr = $dsql->GetError(); $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'"); // ShowMsg("把数据保存到数据库主表 `#@__archives` 时出错,请把相关信息提交给DedeCms官方。".str_replace('"','',$gerr),"javascript:;"); echo("[err]把数据保存到数据库主表 `#@__archives` 时出错,请把相关信息提交给DedeCms官方。".str_replace('"','',$gerr)."[/err]"); exit(); } //保存到附加表 $cts = $dsql->GetOne("SELECT addtable FROM `#@__channeltype` WHERE id='$channelid' "); $addtable = trim($cts['addtable']); if(empty($addtable)) { $dsql->ExecuteNoneQuery("DELETE FROM `#@__archives` WHERE id='$arcID'"); $dsql->ExecuteNoneQuery("DELETE FROM `#@__arctiny` WHERE id='$arcID'"); // ShowMsg("没找到当前模型[{$channelid}]的主表信息,无法完成操作!。","javascript:;"); echo("[err]没找到当前模型[{$channelid}]的主表信息,无法完成操作![/err]"); exit(); } $useip = GetIP(); $templet = empty($templet) ? '' : $templet; $query = "INSERT INTO `{$addtable}`(aid,typeid,redirecturl,templet,userip,body{$inadd_f}) Values('$arcID','$typeid','$redirecturl','$templet','$useip','$body'{$inadd_v})"; if(!$dsql->ExecuteNoneQuery($query)) { $gerr = $dsql->GetError(); $dsql->ExecuteNoneQuery("Delete From `#@__archives` where id='$arcID'"); $dsql->ExecuteNoneQuery("Delete From `#@__arctiny` where id='$arcID'"); // ShowMsg("把数据保存到数据库附加表 `{$addtable}` 时出错,请把相关信息提交给DedeCms官方。".str_replace('"','',$gerr),"javascript:;"); echo("[err]把数据保存到数据库附加表 `{$addtable}` 时出错,请把相关信息提交给DedeCms官方。".str_replace('"','',$gerr)."[/err]"); exit(); } //生成HTML InsertTags($tags,$arcID); if($cfg_remote_site=='Y' && $isremote=="1") { if($serviterm!=""){ list($servurl,$servuser,$servpwd) = explode(',',$serviterm); $config=array( 'hostname' => $servurl, 'username' => $servuser, 'password' => $servpwd,'debug' => 'TRUE'); }else{ $config=array(); } // if(!$ftp->connect($config)) exit('Error:None FTP Connection!'); if(!$ftp->connect($config)) exit('[err]Error:None FTP Connection![/err]'); } $dsql->ExecuteNoneQuery("UPDATE `#@__uploads` SET title='{$title}' where arcid = '{$arcID}'; "); $artUrl = MakeArt($arcID,true,true,$isremote); /* if($artUrl=='') { $artUrl = $cfg_phpurl."/view.php?aid=$arcID"; } ClearMyAddon($arcID, $title); //返回成功信息 $msg = "   请选择你的后续操作: 继续发布文档    查看文档    更改文档    已发布文档管理    $backurl "; $msg = "
{$msg}
".GetUpdateTest(); $wintitle = '成功发布文档!'; $wecome_info = '文档管理::发布文档'; $win = new OxWindow(); $win->AddTitle('成功发布文档:'); $win->AddMsgItem($msg); $winform = $win->GetWindow('hand', ' ', false); $win->Display(); */ /****************************** //更新上一篇和下一篇 function makeprenext() { } ******************************/ //if($dopost=='makeprenext') //{ if($cfg_make_prenext=='Y' && !empty($typeid)){ require_once(DEDEINC.'/arc.archives.class.php'); //$aid = intval($aid); $aid = intval($arcID); //zzcity add $preRow = $dsql->GetOne("SELECT id FROM `#@__arctiny` WHERE id<$aid AND arcrank>-1 AND typeid='$typeid' ORDER BY id DESC"); $nextRow = $dsql->GetOne("SELECT id FROM `#@__arctiny` WHERE id>$aid AND arcrank>-1 AND typeid='$typeid' ORDER BY id ASC"); if(is_array($preRow)) { $envs['aid'] = $preRow['id']; $arc = new Archives($preRow['id']); $arc->MakeHtml(); } if(is_array($nextRow)) { $envs['aid'] = $nextRow['id']; $arc = new Archives($nextRow['id']); $arc->MakeHtml(); } // if( empty($nextdo) ) // { // ShowMsg("完成上下篇文档更新任务!完成所有更新任务!", "close::tgtable"); // exit(); // } // else // { // $jumpurl = GetNextUrl(); // ShowMsg("完成下篇文档更新任务! 继续执行其它任务...", $jumpurl,0,500); // exit(); // } } //} /****************************** //更新主页的任务 ******************************/ empty($zznomakeindex) && $zznomakeindex=0; //zzcity add if($cfg_makeindex=='Y' && $zznomakeindex==0){ require_once(DEDEINC.'/arc.partview.class.php'); $envs = $_sys_globals = array(); $envs['aid'] = 0; $pv = new PartView(); $row = $pv->dsql->GetOne('SELECT * FROM `#@__homepageset`'); $templet = str_replace("{style}", $cfg_df_style, $row['templet']); $homeFile = dirname(__FILE__).'/'.$row['position']; $homeFile = str_replace("//", "/", str_replace("\\", "/", $homeFile)); // $fp = fopen($homeFile, 'w') or die("无法更新网站主页到:$homeFile 位置"); $fp = fopen($homeFile, 'w') or exit('[err]无法更新网站主页到:'.$homeFile.' 位置[/err]'); fclose($fp); $tpl = $cfg_basedir.$cfg_templets_dir.'/'.$templet; if(!file_exists($tpl)) { $tpl = $cfg_basedir.$cfg_templets_dir.'/default/index.htm'; // if(!file_exists($tpl)) exit("无法找到主页模板:$tpl "); if(!file_exists($tpl)) exit('[err]无法找到主页模板:'.$tpl.' [/err]'); } $GLOBALS['_arclistEnv'] = 'index'; $pv->SetTemplet($tpl); $pv->SaveToHtml($homeFile); $pv->Close(); /* if( empty($nextdo) ) { ShowMsg("完成主页更新任务!完成所有更新任务!", "close::tgtable"); exit(); } else { $jumpurl = GetNextUrl(); ShowMsg("完成主页更新! 现在跳转到其它更新任务...", $jumpurl,0,500); exit(); } */ } /****************************** //更新所有关连的栏目 function makeparenttype() { } ******************************/ empty($zznomakeandcat) && $zznomakeandcat=0; //zzcity add if($cfg_make_andcat=='Y' && $zznomakeandcat==0){ require_once(DEDEDATA."/cache/inc_catalog_base.inc"); require_once(DEDEINC.'/arc.listview.class.php'); //$notallowArr = array('dopost', 'f', 'del', 'curpage', 'morejob'); //$jumpurl = GetNextUrl($notallowArr); if( empty($typeid) ) { //ShowMsg("完成栏目更新任务!完成所有更新任务!", "close::tgtable"); exit(); } $topids = explode(',', GetTopids($typeid)); if(empty($curpage)) $curpage = 0; while($curpage <= count($topids)-1){ $tid = $topids[$curpage]; if(isset($cfg_Cs[$tid]) && $cfg_Cs[$tid][1]>0) { require_once(DEDEINC."/arc.listview.class.php"); $lv = new ListView($tid); $lv->MakeHtml(); $lv->Close(); } else { require_once(DEDEINC."/arc.sglistview.class.php"); $lv = new SgListView($tid); // exit(); //zzcityadd $lv->MakeHtml(); $lv->Close(); } $curpage++; } } echo("[ok]"); exit(); //} ?>